
Add an option to set 'certificateVerification' to the client builder (#980)

Motivation:

We allow users to set the `certificateVerification` if they configure
their client directly using `ClientConnection.Configuration` but not via
the builder API.

Modifications:

- Add `withTLS(certificateVerification:)` to the client connection builder.
  (The same option is already available on the server builder)

Result:

Users can set the certificate verification mode on the client builder.
George Barnett %!s(int64=5) %!d(string=hai) anos
pai
achega
e2e138df61

+ 8 - 0
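--- a/Sources/GRPC/GRPCChannel/GRPCChannelBuilder.swift
+++ b/Sources/GRPC/GRPCChannel/GRPCChannelBuilder.swift
@@ -227,6 +227,14 @@ extension ClientConnection.Builder.Secure {
     self.tls.trustRoots = trustRoots
     return self
   }
+
+  /// Whether to verify remote certificates. Defaults to `.fullVerification` if not otherwise
+  /// configured.
+  @discardableResult
+  public func withTLS(certificateVerification: CertificateVerification) -> Self {
+    self.tls.certificateVerification = certificateVerification
+    return self
+  }
 }
 
 extension ClientConnection.Builder {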
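Review bot: The doc comment on `withTLS(certificateVerification:)` names the default but does not say what a caller gives up by choosing a weaker mode, and this setter is now the builder's single switch for turning server authentication off. With `.none` the client accepts whatever certificate the peer presents, so the channel is still encrypted but the server's identity is unchecked; `.noHostnameVerification` keeps chain validation but drops the name check. I would add a line such as `/// - Warning: .none disables server authentication; use it only in tests or where the peer is authenticated by other means.` and mention that trust roots set through `withTLS(trustRoots:)` have no effect on the outcome once verification is `.none`. The enclosing extension begins outside the hunk.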

+ 25 - 0
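--- a/Tests/GRPCTests/ClientTLSTests.swift
+++ b/Tests/GRPCTests/ClientTLSTests.swift
@@ -111,4 +111,29 @@ class ClientTLSHostnameOverrideTests: GRPCTestCase {
 
     try self.doTestUnary()
   }
+
+  func testTLSWithNoCertificateVerification() throws {
+    self.server = try Server.secure(
+      group: self.eventLoopGroup,
+      certificateChain: [SampleCertificate.server.certificate],
+      privateKey: SamplePrivateKey.server
+    )
+    .withServiceProviders([EchoProvider()])
+    .withLogger(self.serverLogger)
+    .bind(host: "localhost", port: 0)
+    .wait()
+
+    guard let port = self.server.channel.localAddress?.port else {
+      XCTFail("could not get server port")
+      return
+    }
+
+    self.connection = ClientConnection.secure(group: self.eventLoopGroup)
+      .withTLS(trustRoots: .certificates([]))
+      .withTLS(certificateVerification: .none)
+      .withBackgroundActivityLogger(self.clientLogger)
+      .connect(host: "localhost", port: port)
+
+    try self.doTestUnary()
+  }
 }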
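Review bot: `testTLSWithNoCertificateVerification` has no negative control, so it shows that a call succeeds with `.none` and empty trust roots but not that the same client is rejected when verification stays at the default. Without that pairing, a regression in which the builder silently stops verifying in every mode would still leave this test green. I would add a sibling test that builds the connection with the same `.withTLS(trustRoots: .certificates([]))` but omits the `.none` line (or passes `.fullVerification`) and asserts that the unary call fails. How `doTestUnary` reports failure is not visible in this hunk, so the exact assertion needs checking against that helper. The new test also sits in `ClientTLSHostnameOverrideTests`, whose name no longer describes everything in it; a short comment or a more general class name would help.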

+ 1 - 0
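--- a/Tests/GRPCTests/XCTestManifests.swift
+++ b/Tests/GRPCTests/XCTestManifests.swift
@@ -96,6 +96,7 @@ extension ClientTLSHostnameOverrideTests {
     // to regenerate.
     static let __allTests__ClientTLSHostnameOverrideTests = [
         ("testTLSWithHostnameOverride", testTLSWithHostnameOverride),
+        ("testTLSWithNoCertificateVerification", testTLSWithNoCertificateVerification),
         ("testTLSWithoutHostnameOverride", testTLSWithoutHostnameOverride),
     ]
 }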